protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserVerifyOTPModel> message, CancellationToken cancellationToken) { var model = message.Model; var user = await _dataContext.Users.GetByKeyAsync(model.Id) .ConfigureAwait(false); if (user == null) { throw new DomainException(422, $"User with Id '{model.Id}' not found."); } if (user.PhoneNumber != model.PhoneNumber) { throw new DomainException(422, $"User with phone number '{model.PhoneNumber}' not exist in system."); } if (user.OTP != model.OTP) { throw new DomainException(422, $"The '{model.OTP}' account verification number is not valid.,"); } user.IsPhoneNumberConfirmed = true; user.Updated = DateTimeOffset.UtcNow; await _dataContext.SaveChangesAsync(cancellationToken).ConfigureAwait(false); var readModel = _mapper.Map <UserReadModel>(user); return(readModel); }
protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserSendOTPModel> message, CancellationToken cancellationToken) { var otp = GenerateRandomOTP(4, saAllowedCharacters); var model = message.Model; var user = await _dataContext.Users.GetByKeyAsync(model.Id) .ConfigureAwait(false); if (user == null) { throw new DomainException(422, $"User with Id '{model.Id}' not found."); } if (user.PhoneNumber != model.PhoneNumber) { throw new DomainException(422, $"User with phone number '{model.PhoneNumber}' not exist in system."); } var result = await _sMSTemplateService.SendOTP(user.PhoneNumber, otp).ConfigureAwait(false); if (result == false) { throw new DomainException(422, $"Unable to send OTP '{model.PhoneNumber}' please try again later or contact administrator."); } user.OTP = otp; user.Updated = DateTimeOffset.UtcNow; user.IsPhoneNumberConfirmed = false; await _dataContext.SaveChangesAsync(cancellationToken).ConfigureAwait(false); var readModel = _mapper.Map <UserReadModel>(user); return(readModel); }
public async Task <IActionResult> ResetPassword(CancellationToken cancellationToken, UserResetPasswordModel model) { var userAgent = Request.UserAgent(); var command = new UserManagementCommand <UserResetPasswordModel>(model, User, userAgent); var result = await Mediator.Send(command, cancellationToken).ConfigureAwait(false); return(Ok(result)); }
public async Task <IActionResult> ResetOTP(CancellationToken cancellationToken, UserSendOTPModel model) { var userAgent = Request.UserAgent(); var command = new UserManagementCommand <UserSendOTPModel>(model, User, userAgent); var result = await Mediator.Send(command, cancellationToken).ConfigureAwait(false); return(new OkObjectResult(new { Data = result != null ? true : false, Status = StatusCodes.Status200OK })); }
protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserForgotPasswordModel> message, CancellationToken cancellationToken) { var model = message.Model; // check for existing user var user = await _dataContext.Users .GetByEmailAddressAsync(model.EmailAddress) .ConfigureAwait(false); if (user == null) { throw new DomainException(422, $"User with email '{model.EmailAddress}' not found."); } var resetToken = Guid.NewGuid().ToString("N"); var resetHash = _passwordHasher.HashPassword(resetToken); user.ResetHash = resetHash; user.UpdatedBy = "system"; user.Updated = DateTimeOffset.UtcNow; await _dataContext .SaveChangesAsync(cancellationToken) .ConfigureAwait(false); var emailModel = new UserResetPasswordEmail { EmailAddress = user.EmailAddress, DisplayName = user.DisplayName, ResetToken = resetToken, UserAgent = message.UserAgent, ResetLink = $"{_hostingOptions.Value.ClientDomain}#/reset-password/{resetToken}" }; await _emailTemplateService.SendResetPasswordEmail(emailModel).ConfigureAwait(false); // convert to read model var readModel = _mapper.Map <UserReadModel>(user); return(readModel); }
public async Task <IActionResult> Register(CancellationToken cancellationToken, UserRegisterModel model) { var userAgent = Request.UserAgent(); var command = new UserManagementCommand <UserRegisterModel>(model, User, userAgent); var result = await Mediator.Send(command, cancellationToken).ConfigureAwait(false); var tokenRequest = new TokenRequest { GrantType = "password", ClientId = "TrainDTrainorUI", UserName = model.EmailAddress, Password = model.Password }; var authenticateCommand = new AuthenticateCommand(userAgent, tokenRequest); var tokenResult = await Mediator.Send(authenticateCommand, cancellationToken).ConfigureAwait(false); return(new OkObjectResult(new { Data = tokenResult, Status = StatusCodes.Status200OK })); }
protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserChangePasswordModel> message, CancellationToken cancellationToken) { var model = message.Model; var userId = message.Principal.Identity.GetUserId(); var emailAddress = message.Principal.Identity.GetUserName(); // check for existing user var user = await _dataContext.Users .FindAsync(userId) .ConfigureAwait(false); if (user == null) { throw new DomainException(422, $"User with email '{emailAddress}' not found."); } if (!_passwordHasher.VerifyPassword(user.PasswordHash, model.CurrentPassword)) { throw new DomainException(HttpStatusCode.Unauthorized, "The password is incorrect"); } var passwordHashed = _passwordHasher .HashPassword(model.UpdatedPassword); user.PasswordHash = passwordHashed; user.UpdatedBy = emailAddress; user.Updated = DateTimeOffset.UtcNow; await _dataContext .SaveChangesAsync(cancellationToken) .ConfigureAwait(false); // convert to read model var readModel = _mapper.Map <UserReadModel>(user); return(readModel); }
protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserResetPasswordModel> message, CancellationToken cancellationToken) { var model = message.Model; // check for existing user var user = await _dataContext.Users .GetByEmailAddressAsync(model.EmailAddress) .ConfigureAwait(false); if (user == null) { throw new DomainException(422, $"User with email '{model.EmailAddress}' not found."); } if (!_passwordHasher.VerifyPassword(user.ResetHash, model.ResetToken)) { throw new DomainException(HttpStatusCode.Forbidden, "Invalid reset password security token."); } var passwordHashed = _passwordHasher .HashPassword(model.UpdatedPassword); user.PasswordHash = passwordHashed; user.AccessFailedCount = 0; user.LockoutEnabled = false; user.LockoutEnd = null; user.Updated = DateTimeOffset.UtcNow; await _dataContext.SaveChangesAsync(cancellationToken).ConfigureAwait(false); // convert to read model var readModel = _mapper.Map <UserReadModel>(user); return(readModel); }
protected override async Task <UserReadModel> ProcessAsync(UserManagementCommand <UserRegisterModel> message, CancellationToken cancellationToken) { var otp = GenerateRandomOTP(4, saAllowedCharacters); var model = message.Model; using (var scope = await _dataContext.Database.BeginTransactionAsync(cancellationToken).ConfigureAwait(false)) { try { // check for existing user var user = await _dataContext.Users .GetByEmailAddressAsync(model.EmailAddress) .ConfigureAwait(false); if (user != null) { throw new DomainException(422, $"User with email '{model.EmailAddress}' already exists."); } var passwordHashed = _passwordHasher .HashPassword(model.Password); user = new Data.Entities.User { EmailAddress = model.EmailAddress, DisplayName = model.DisplayName, PasswordHash = passwordHashed, Created = DateTimeOffset.UtcNow, Updated = DateTimeOffset.UtcNow, PhoneNumber = model.PhoneNumber, OTP = otp, IsPhoneNumberConfirmed = false, IsGlobalAdministrator = false }; await _dataContext.Users .AddAsync(user, cancellationToken) .ConfigureAwait(false); await _dataContext .SaveChangesAsync(cancellationToken) .ConfigureAwait(false); // convert to read model var readModel = _mapper.Map <UserReadModel>(user); var currentUser = _mapper.Map <Data.Entities.UserProfile>(user); var roles = await _dataContext.Roles.GetByNameAsync(Data.Constants.Role.MemberName).ConfigureAwait(false); var defaultRoles = _mapper.Map <Data.Entities.UserRole>(user); defaultRoles.RoleId = roles.Id; defaultRoles.UserType = (int)Enum.Roles.Trainee; await _dataContext.UserRoles.AddAsync(defaultRoles, cancellationToken).ConfigureAwait(false); await _dataContext.UserProfiles.AddAsync(currentUser, cancellationToken).ConfigureAwait(false); var status = await _dataContext.SaveChangesAsync(cancellationToken).ConfigureAwait(false); if (status != 0) { var result = await _sMSTemplateService.SendOTP(user.PhoneNumber, otp).ConfigureAwait(false); if (result == false) { Logger.LogWarning($"Unable to send OTP '{model.PhoneNumber}' please try again later or contact administrator."); throw new DomainException(422, $"Unable to send OTP '{model.PhoneNumber}' please try again later or contact administrator."); } else { scope.Commit(); return(readModel); } } } catch (Exception ex) { Logger.LogError(ex.Message); scope.Rollback(); throw new DomainException(422, $"Unable to Register:'{ex.Message}', Please try again."); } } return(null); }